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DETAILED ACTION 

This Office Action is in response to Applicant's remarks and amendments filed 
March 30, 2010. 

Claims 1, 7, 9-14, 16, 20-25, 27, 31-36, 38, 39, 41-44, 46-49 and 51-57 are 
pending and herein considered. 

Response to Arguments 

Applicant's arguments filed March 30, 2010 regarding the Examiner's 35 USC 
102 rejection of the claims have been fully considered but they are not persuasive. 

In response to Applicant's arguments concerning Hardy's alleged failure to 
disclose "a first workflow which calls for obtaining an approval before performing a 
certificate related action for users having a first user type and a second workflow which 
does not call for obtaining approval before performing a certificate related action for 
users having a second user type" as claimed in claim 1 , the Examiner respectfully 
disagrees. Applicant sets forth the same arguments as presented in his previous 
response, supplemented by a citation to the Examiner's response thereto. 
Unfortunately, Applicant's response focuses on one single line of the Examiner's lengthy 
response, failing entirely to acknowledge the remaining page of remarks including at 
least five additional citations to portions of the Hardy reference serving to teach the 
limitations provided above. As such, the Examiner, rather than copying and pasting her 
remarks from the last office action, would like to direct Applicant's attention to page 3 of 
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her outstanding office action in its entirety (as well as the first half of page 4) where she 

has already responded to Applicant's allegations concerning Hardy's alleged failures. 

Applicant goes on to provide a copy of his claim 1 in its entirety, followed by 3 

unsupported allegations: 

"Hardy fails to disclose, either expressly or inherently, Hardy fails to disclose, 
either expressly or inherently, a first workflow which calls for obtaining an 
approval before performing a certificate related action for users having a first 
user type and a second workflow which does not call for obtaining approval 
before performing a certificate related action for users having a second user type. 
Hardy also fails to disclose obtaining an approval from an entity identified in a 
user profile for the user and obtaining a certificate based on that approval. 
Furthermore, Hardy does not disclose, expressly or inherently, obtaining and 
maintaining a real time status for certificates as recited in the pending claims. 
For at least these reasons, the Applicant's respectfully request withdrawal of the 
rejection and allowance of [the] claims" 

The first of these allegations is identical to that responded to above and as such, 
remains unpersuasive for those same reasons. In response to applicant's second and 
third arguments that the references fail to show certain features of applicant's invention, 
it is noted that the features upon which applicant relies (i.e., "obtaining an approval from 
an entity identified in a user profile for the user and obtaining a certificate based on that 
approval" and "obtaining and maintaining a real time status for certificates") and are not 
recited in the rejected claim(s). Although the claims are interpreted in light of the 
specification, limitations from the specification are not read into the claims. See In re 
Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). While portions of 
Applicant's allegations appear interspersed throughout Applicant's claims, Applicant's 
remarks fail to comply with 37 CFR 1 .1 1 1 (b) and (c) because they amount to a general 
allegation that the claims define a patentable invention without specifically pointing out 
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how the language of the claims patentably distinguishes them from the references and 
fail to clearly point out the patentable novelty which he or she thinks the claims present 
in view of the state of the art disclosed by the references cited or the objections made. 
Further, they do not show how the amendments avoid such references or objections. 
Last but not least the Examiner is unfamiliar with any sort of "user profile for the user" 
within Applicant's claims and suggests that Applicant rely upon his claim language in his 
arguments so that it may be apparent to the Examiner what his scope of protection 
entails. 

Applicant's remarks concerning claim 38 are identical to those provided regarding 
claim 1 and are unpersuasive for those same reasons as presented above with regards 
to claim 1 . 

Regarding Applicant's newly added claims, Applicant is reminded of his duty to 
provide support in his remarks for any and all claim amendments as well as newly 
added claims. Nowhere in Applicant's remarks has he provided any support for his 
newly added claims nor has he mentioned them at all within his remarks regarding 
patentability leaving the Examiner to re-examine his Specification in its entirety to find 
support for his additions and no reasoning as to why the newly added claims were 
introduced. 

It is for the reasons presented above that the Examiner maintains her 35 USC 
102 rejection of Applicant's claims. However, it is in view of Applicant's newly added 
claim language and newly added claims that the Examiner has amended her rejection 
to reject Applicant's claims under 35 U.S.C. 103(a) as being unpatentable over U.S. 
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Patent No. 6,073,242 granted to Hardy et al., and further in view of United States Patent 
No. 6,842,863, granted to Fox et al. 



Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1, 7, 9-14, 16, 20-25, 27, 31-36, 38, 39, 41-44, 46-49 and 51-57 are 

rejected under 35 U.S.C. 103(a) as being unpatentable over U.S. Patent No. 

6,073,242 granted to Hardy et al., and further in view of United States Patent 

Application Publication No. 2005/0138363 A1 by Fox et al. 

As per claim 1, Hardy discloses a method comprising: 

receiving at an Identity System a request for a first certificate related action for a 
first user wherein the certificate related action is selected from a group consisting of a 
certificate enrollment action, a certificate renewal action, and a certificate revocation 
action (col. 5 lines 42-55; col.1 1 lines 9-30; col. 19 line 54 thru col .20 line 44); and 

retrieving by the Identity System a first workflow for responding to said request 
from a plurality of workflows for responding to requests for certificate related actions, 
wherein each workflow in said plurality of workflows corresponds to a different set of 
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characteristics for a user (col. 3 line 54 thru col.4 line 7; col. 13 line 44 thru col. 14 line 25) 
wherein the first workflow contains a first set of directives and a second workflow in said 
plurality of workflows contains a second set of directives, wherein said first set of 
directives is different from said second set of directives (col. 14 lines 7-25), wherein said 
first workflow calls for obtaining an approval before performing a certificate related 
action (col.4 lines 23-26, 39-41) for users having a first user type, wherein said second 
workflow does not call for obtaining an approval before performing a certificate related 
action (col.4 line 57 thru col. 5 line 5) for users having a second user type (col.4 line 
col.1 6 lines 8-41 ), and wherein retrieving the first workflow further comprises selecting 
the first workflow from a plurality of workflows based on the first certificate related action 
and a user type of the first user (col. 13 line 44 thru col. 14 line 25) from a set of 
characteristics for the first user from an identity profile for the first user maintained by 
the Identity System being the first user type (col.4 lines 57-67); 

performing said first workflow, wherein performing said first workflow comprises 
retrieving an approval response from an entity associated with the first user and 
identified in the identity profile for the first user and obtaining a certificate based on the 
approval response (col.4 lines 11-18, 23-45; col. 6 lines 32-44); and 

Hardy fails to particularly point out whereby the certificate is obtained from a 
certificate authority external to an Identity System and includes a real time status, both 
the status and certificate eventually being stored in the Identity System. 

Fox describes the use of Certificate Authorities for the generation and 
transmission of certificates (pars 2-3, 7-8), certificates which may be transmitted to 
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Identity Systems for use therein and which include real time status capabilities (pars 30, 
34-35, 44, 51-52, 54; figure 4). 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to include within Hardy the Certificate Authority and real time status 
as described in Fox to provide for the generation of certificates at a trusted party 
external to a system whereby both the Certificate Authority and the Identity System are 
capable of using the real time status information within the certificate to determine the 
validity thereof. 

As per claim 7, Hardy discloses receiving said plurality of workflows (col.4 lines 
58-67). 

As per claim 9, Hardy discloses receiving a second request for a second 
certificate related action for a second user wherein the second certificate related action 
is selected from a group consisting of a certificate enrollment action, a certificate 
renewal action, and a certificate revocation action (col. 3 line 45 thru col.4 Iine22); 

retrieving the second workflow for responding to said second request from said 
plurality of workflows, wherein retrieving the second workflow further comprises 
selecting the second workflow from the plurality of workflows based on the second 
certificate related action and a user type of the second user (col. 3 line 54 thru col.4 line 
7; col. 13 line 44 thru col. 14 line 25; col. 16 lines 8-41) from a set of characteristics for the 
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second user from an identity profile for the second user maintained by the Identity 
System being the secure user type (col.4 lines 57-67); and 

performing said second workflow (col. 13 line 44 thru col. 14 line 25), wherein 
performing said second workflow comprises obtaining a second certificate without 
retrieving an approval response (col.3lines 32-44) 

As per claim 10, Hardy disclose wherein said first certificate related action is a 
certificate enrollment action and said second certificate related action is a certificate 
enrollment action (col. 5 lines 42-55; col.1 1 lines 9-30). 

As per claim 11, Hardy discloses wherein said first certificate related action is a 
certificate renewal action and said second certificate related action is a certificate 
renewal action (col. 5 lines 42-55; col. 5 lines 42-55; col. 11 lines 9-30). 

As per claim 12, Hardy discloses performing said first workflow, wherein said 
first certificate related action is a certificate enrollment action (col. 5 lines 42-55; col.1 1 
lines 9-30; col.1 9 line 54 thru col. 20 line 44) and wherein performing said first workflow 
comprises obtaining a certificate, wherein obtaining the certificate comprises 
authenticating said first user, forwarding said request to a Certificate Processing Server, 
receiving said certificate, and storing said certificate (col. 5 lines 42-55; col.1 1 lines 9 
thru col.1 2 line 49). 
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As per claim 13, Hardy discloses performing said first workflow, wherein said 
certificate related action is a certificate renewal action (col. 5 lines 42-55; col.1 1 lines 9- 
30; col. 19 line 54 thru col. 20 line 44) and wherein performing said first workflow 
comprises obtaining a certificate renewal, wherein obtaining the certificate renewal 
comprises authenticating said first user, forwarding said request to a Certificate 
Processing Server, and receiving a certificate renewal acknowledgement (col. 5 lines 42- 
55; col.1 1 lines 9 thru col. 12 line 49). 

As per claim 14, Hardy discloses performing said first workflow, wherein said 
certificate related action is a certificate revocation action (col. 5 lines 42-55; col.1 1 lines 
9-30; col.1 9 line 54 thru col. 20 line 44) and wherein performing said first workflow 
comprises revoking a certificate, wherein revoking the certificate comprises 
authenticating said first user, and forwarding said request to a Certificate Processing 
Server (col.5 lines 42-55; col.1 1 lines 9 thru col.1 2 line 49). 

Claim 16 is directed towards a system's implementation of the method of claim 1 
and is rejected by similar rationale. 

Claim 20 is directed towards a system's implementation of the method of claim 7 
and is rejected by similar rationale. 
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Claims 21 and 22 are directed towards a system's implementation of the method 
of claims 9 and 10 and are rejected by similar rationale. 

Claims 23-25 are directed towards a system's implementation of the method of 
claims 12-14 and are rejected by similar rationale. 

Claim 27 is directed towards an apparatus' implementation of the method of 
claim 1 and is rejected by similar rationale. 

Claim 31 is directed towards an apparatus' implementation of the method of 
claim 7 and is rejected by similar rationale. 

Claims 32 and 33 are directed towards an apparatus' implementation of the 
method of claims 9 and 10 and are rejected by similar rationale. 

Claims 34-36 are directed towards an apparatus' implementation of the method 
of claims 12-14 and are rejected by similar rationale. 

Claim 38 is directed towards the method of claim 1 and is rejected by similar 
rationale. 
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Claims 39 is directed towards the method of claim 7 and is rejected by similar 
rationale. 

Claim 41 is directed towards a broader form of the method of claims 1 0 and 1 1 
and is rejected by similar rationale. 

As per claim 42, Hardy discloses wherein receiving the first request, retrieving 
the first workflow, performing the first workflow, receiving the second request, retrieving 
the second workflow, and performing the second workflow are performed by an Identity 
system in communication with an Access System (col. 3 lines 45-56). 

Claim 43 is directed towards a system's implementation of the method of claim 1 
and is rejected by similar rationale. 

Claim 44 is directed towards a system's implementation of the method of claim 7 
and is rejected by similar rationale. 

Claim 46 is directed towards a broader form of a system's implementation of the 
method of claims 10 and 11 and is rejected by similar rationale. 

As per claim 47, Hardy discloses wherein receiving the first request, retrieving 
the first workflow, performing the first workflow, receiving the second request, retrieving 
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the second workflow, and performing the second workflow are performed by an Identity 
system in communication with an Access System (col. 3 lines 45-56). 

Claim 48 is directed towards an apparatus's implementation of the method of 
claim 1 and is rejected by similar rationale. 

Claim 49 is directed towards an apparatus' implementation of the method of 
claim 7 and is rejected by similar rationale. 

Claim 51 is directed towards a broader form of an apparatus' implementation of 
the method of claims 10 and 11 and is rejected by similar rationale. 

As per claim 52, Hardy discloses wherein receiving the first request, retrieving 
the first workflow, performing the first workflow, receiving the second request, retrieving 
the second workflow, and performing the second workflow are performed by an Identity 
system in communication with an Access System (col. 3 lines 45-56). 

As per claim 53, Hardy discloses applying a Lightweight Directory Access 
protocol (LDAP) filter to attributes of the identity profile for the first user (col. 5 lines 52- 
56; col.9 lines 54-56; Fig 2A). 
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As per claim 54, Hardy discloses wherein the entity associated with the first user 
comprises a third user (col.4 lines 11-18, 23-45; col. 6 lines 32-44). 

As per claim 55, Fox discloses storing validation information for said certificate in 
the Identity System, wherein said validation information includes an identifier of a time 
said real time status was retrieved and a validation interval for said real time status; 
receiving at the Identity System a request to export the certificate; determining with the 
Identity System whether to check a status for said certificate, wherein determining 
whether to check the status for the certificate comprises querying a parameter field in 
the Identity System; and in response to determining to check the status for said 
certificate, determining with the Identity System whether to check the status for the 
certificate in real time comprises querying a parameter field in the Identity System (pars 
30, 34-35, 44, 51-52, 54; figure 4). 

Claim 56 is directed towards a system's implementation of the method of claim 
55 and is rejected by similar rationale. 

Claim 57 is directed towards an apparatus' implementation of the method of 
claim 55 and is rejected by similar rationale. 
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Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Tamara Teslovich whose telephone number is (571) 

272- 4241 . The examiner can normally be reached on Mon-Fri 8-4:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on (571) 272-3865. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 

273- 8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Tamara Teslovich/ 
Examiner, Art Unit 2437 



/Emmanuel L. Moise/ 

Supervisory Patent Examiner, Art Unit 2437 



